Posts

Revoking Consent for Noggle Knowledge App in Azure Active Directory

In order for Noggle to work with Office365 connectors like OneDrive or Teams, it needs to get consent to read the profile and files for the MS Graph API of the signed-in user. Some people fall in the middle where they are happy to consent as long as they can choose to revoke that consent after they are done playing with the app.

It is not very obvious what you need to do to revoke consent for an Azure Active Directory Application. Even people on the Identity team don’t always know. So let’s talk about how you can do it

Using the My Apps Portal for Individual User Consent

You can revoke individual user consent through the My Apps Portal. Here you should see a view of all applications that you or even your administrator (on your behalf) has consented to:

With applications your admin has consented to, all you can do is open the app, however for apps where you individually consented as a user, you can click “Remove” which will revoke consent for the application.

Using the Azure Portal to Remove Tenant Wide Consent

If you are a tenant administrator, and you want to revoke consent for an application across your entire tenant, you can go to the Azure Portal.  Whether it be for a bunch of users who individually consented or for an admin who consented on behalf of all the users, by simply deleting the application’s service principal, you will remove all OAuth 2 Permission Grants (the object used to store consent) linked to that application. Think about removing the service principal like uninstalling the application from your tenant.

You could delete the service principal a bunch of different ways like through Azure Active Directory PowerShell or through the Microsoft Graph API, but the easiest way for the average administrator is right through the Azure Portal.

Navigate to the Enterprise Applications blade in the Azure portal:

When you click the Noggle application, you will be brought to an “Overview” section, where a tempting button called “Delete” will be at the top. Before you click this button,  you might want to take a peak at the “Permissions” section to see the types of consent that was granted to this application:

Once you feel confident that you want to delete this application, go back to “Overview” and click “Delete”.

The consent associated with the Noggle Knowledge app is now gone for your organization.